Slowing Routing Table Growth by Filtering Based on Address Allocation Policies

Steve Bellovin, Randy Bush, Timothy G. Griffin, and Jennifer Rexford
{smb,randy,griffin,jrex}@research.att.com

Abstract— BGP routing tables have been growing at an alarming rate in recent years. In this paper we investigate how BGP table size can be reduced and the rate of growth slowed by applying filters that enforce the allocation boundaries documented by the numbering authorities. In addition, this appears to be possible while losing reachability to only a small percent of addresses.

I. INTRODUCTION

The rapid growth of the Internet during the past few years has led to increased concerns about the scalability of the underlying routing infrastructure. The Internet consists of thousands of autonomous systems (ASes) that interact to coordinate the delivery of IP traffic. Neighboring ASes use the Border Gateway Protocol (BGP) to exchange routing information [1], [2], [3]. Each BGP route advertisement concerns a particular block of IP addresses (a prefix) and includes a list of the ASes in the path, along with other attributes. A router stores its best and alternate routes for each prefix in a BGP routing table and uses this information to construct a forwarding table that controls the forwarding of each incoming packet to the next hop in its journey. The number of prefixes in BGP routing tables has important implications on storage requirements, computational load, forwarding performance, and protocol overheads for Internet routers. In this paper, we evaluate the effectiveness of filtering techniques that network operators can apply to reduce the number of prefixes and the rate of growth of their views of the routing table.

An IP address consists of a network portion (or prefix) and a host portion. Routing through the Internet is based only on the network portion of the address. Initially, IP addresses were allocated in three main block sizes, or classes, based on the number of octets devoted to the network and host portions. A Class A address starts with a 0 in the first bit and uses the first octet for the network address, a Class B address starts with a 10 in the first two bits and uses the first two octets for the network address, and a Class C address starts with 110 and uses the first three octets for the network address. The remaining addresses are reserved for multicast groups (Class D) and future use (Class E). The restriction of fixed block sizes was lifted with the introduction of Classless InterDomain Routing (CIDR) [4], [5]. CIDR permits an arbitrary division between the network and host portions of the address. A mask length identifies the number of bits devoted to the network part of the address. For example, the prefix 204.70.2.0/23 has a 23-bit mask, leaving nine bits for the host portion of the address.

CIDR allows network providers to allocate small blocks of IP addresses to different customers while advertising a large, aggregated block to the rest of the Internet [6]. The deployment of CIDR and the CIDR-compatible BGP-4 slowed the rate of routing table growth. However, the growth of the Internet in the late 1990s led to a new surge in the size of BGP tables [7], [8]. The growth stems, in part, from the allocation of new blocks of IP addresses by the Regional Internet Registries (RIRs). In addition, some ASes advertise small address blocks (i.e., prefixes with large mask lengths) to balance the traffic load over multiple paths through the network. In other cases, an AS may advertise a small block of addresses on behalf of a customer that connects to two or more upstream providers. Otherwise, the customer's prefix would not be reachable through each of the providers. Finally, in some cases, an AS may advertise a small address block due to misconfiguration. Each of these factors may contribute to some extent to the increasing size of BGP routing tables.

Network operators configure their routers to apply filters to incoming BGP route advertisements. These filters prevent the router from accepting inappropriate advertisements, such as routes to private addresses. In this paper, we investigate the potential for route filtering to help control the growth of BGP routing tables. We focus on three types of filtering rules. First, operators typically filter routes for so-called "martian" addresses that should not appear in the global routing tables. Second, in practice some operators filter prefixes with a mask length that is longer than 24; in the Class B range of addresses, operators sometimes filter prefixes with a mask length that exceeds 16. Third, the RIRs publish allocation rules that dictate the maximum mask length for prefixes in certain regions of the address space; operators could reduce the size of BGP routing tables by applying filters that enforce these allocation rules. We discuss these filtering policies in more detail in Section II. We also describe the collection of routing table data that we use to evaluate these filtering policies over the past few years and from multiple vantage points in the Internet.

Then, in Section III we analyze the growth of the BGP routing table subject to the various routing filter policies. We show that the number of prefixes that have mask lengths longer than the RIR allocation policies allow is growing at a faster rate than other prefixes. We also show that, by applying the entire set of filters, it is possible to reduce the size of BGP tables from 90,000–110,000 prefixes to just over 70,000 prefixes and divide the growth rate roughly in half. Larger BGP tables shrink by a more significant amount, since a larger number of their prefixes exceed the RIR policies. In some cases, a filtered prefix may be covered by a larger block of addresses in the routing table (e.g., 204.70.2.0/23 would be covered by 204.70.0.0/16). However, aggressive filtering may make some parts of the Internet address space unreachable. We attempt to quantify the potential loss of reachability. We show that the most aggressive filtering policy leaves about ¢¤£¦¥¨§ of the address space uncovered by any remaining prefix in the routing table. We analyze the main contributors to the prefixes that exceed the RIR policies and discuss ways to prevent reachability problems. The paper concludes in Section IV with a discussion of future directions.

II. ROUTING DATA

The size of a routing table depends on the vantage point of the router and the filtering policy applied by the network operator. In this section, we discuss the filtering policies and routing table data that we analyze in the remainder of the paper.

A. Policies for Prefix-Based Filtering

Network operators can configure their routers to filter certain routes based on the region of the address space and the mask length of the prefix in the advertisement. Operators are advised to filter martian addresses. Some operators filter prefixes with mask lengths longer than 24, or longer than 16 in the Class B portion of the IP address space. Operators could also filter prefixes that have larger mask lengths than the address allocation guidelines published by the Regional Internet Registries (RIRs).

Martians: The IPv4 address space includes several "special use" prefixes [9] that have been reserved by the Internet Assigned Numbers Authority (IANA). Network operators should not accept or send advertisements for these martian addresses, as summarized in Table I. The Class A block 0.0.0.0/8 includes the address 0.0.0.0, which is commonly used for default routes. The 127.0.0.0/8 prefix is reserved for loopback addresses used by a host or router to identify itself. Three prefixes are reserved for private networks that use the IP protocols, as discussed in RFC 1918 [10]. The 224.0.0.0/3 block is devoted to Class D (multicast) and Class E (reserved) addresses. The 169.254.0.0/16 block is dedicated to auto-configuration of hosts when no DHCP (Dynamic Host Configuration Protocol) server is available. The prefix 192.0.2.0/24 is

TABLE I: MARTIAN ADDRESS BLOCKS

Category              Prefix(es)
Default/broadcast     0.0.0.0/8
Loopback addresses    127.0.0.0/8
Private addresses     10.0.0.0/8
                      172.16.0.0/12
                      192.168.0.0/16
Class D/E             224.0.0.0/3
Auto-configuration    169.254.0.0/16
Test network          192.0.2.0/24
Exchange points       192.41.177.0/24
                      192.157.69.0/24
                      198.32.0.0/16
                      206.220.243.0/24
IANA reserved         128.0.0.0/16

(American Registry for Internet Numbers), and RIPE (Réseaux IP Européens), with new registries proposed for Africa and Latin America. Each regional registry allocates address blocks to Local Internet Registries (LIRs) and other organizations within their regions. To reduce the impact on the size of the routing tables, the three regional registries limit the allocation sizes in different parts of the Class A and Class C portions of the address space [11], [12], [13], as summarized in Appendix A. For example, ARIN does not make allocations in the 63.0.0.0/8 space with a mask length longer than 19; similarly, APNIC does not make allocations in the 211.0.0.0/8 space with a mask length longer than 23. These allocation policies are publicized to aid the ISP community in filtering and other policy decisions.
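
An added example, not code from the paper: the three filtering policies of Section II-A applied to a small constructed table, followed by the coverage check the introduction describes (a filtered prefix stays reachable if a shorter accepted prefix covers it). Only the two RIR limits quoted in the text are encoded, since Appendix A is not reproduced here; the function names and sample prefixes are assumptions.

```python
import ipaddress as ip

# Martian blocks exactly as listed in Table I.
MARTIANS = [ip.ip_network(p) for p in (
    "0.0.0.0/8", "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12",
    "192.168.0.0/16", "224.0.0.0/3", "169.254.0.0/16", "192.0.2.0/24",
    "192.41.177.0/24", "192.157.69.0/24", "198.32.0.0/16",
    "206.220.243.0/24", "128.0.0.0/16")]
CLASS_B = ip.ip_network("128.0.0.0/2")  # addresses whose leading bits are 10
# Only the two RIR limits quoted in the text (assumption: rest of Appendix A omitted).
RIR_MAX_LEN = {ip.ip_network("63.0.0.0/8"): 19, ip.ip_network("211.0.0.0/8"): 23}

def verdict(prefix):
    """Return 'accept' or the name of the first policy that rejects the prefix."""
    net = ip.ip_network(prefix)
    if any(net.subnet_of(m) for m in MARTIANS):
        return "martian"
    if net.subnet_of(CLASS_B):
        if net.prefixlen > 16:
            return "class-b-mask"
    elif net.prefixlen > 24:
        return "mask-gt-24"
    for block, limit in RIR_MAX_LEN.items():
        if net.subnet_of(block) and net.prefixlen > limit:
            return "rir-allocation"
    return "accept"

def apply_filters(table):
    """Split advertised prefixes into accepted routes and {rejected: reason}."""
    kept, dropped = [], {}
    for p in table:
        reason = verdict(p)
        if reason == "accept":
            kept.append(ip.ip_network(p))
        else:
            dropped[ip.ip_network(p)] = reason
    return kept, dropped

def uncovered(kept, dropped):
    """Filtered non-martian prefixes that no remaining route covers."""
    return sorted(n for n, why in dropped.items()
                  if why != "martian" and not any(n.subnet_of(k) for k in kept))

# Constructed sample table, not taken from the paper's data.
SAMPLE = ["63.10.0.0/16", "63.10.4.0/22", "150.1.0.0/16", "150.1.2.0/24",
          "211.5.6.0/24", "200.1.1.128/25", "10.1.0.0/16", "204.70.2.0/23"]

if __name__ == "__main__":
    kept, dropped = apply_filters(SAMPLE)
    lost = uncovered(kept, dropped)
    print(len(kept), "kept;", len(dropped), "filtered")
    print("unreachable:", lost, sum(n.num_addresses for n in lost), "addresses")
```

In the sample, 63.10.4.0/22 and 150.1.2.0/24 are filtered but remain reachable through their /16 aggregates, while 211.5.6.0/24 and 200.1.1.128/25 have no covering route and become unreachable.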
